ASP.NET Core authorization for just me -- a personal project
I have a background service meant solely for personal use running on a spare laptop in my closet. I want to add some endpoints so I can query its status without getting up to check on it. It's on the same wifi network as my desktop PC.
What's the simplest way to open up the API so I can hit its endpoints, but also lock it down so nobody except me can get in? I found this article -- is an IP whitelist generally secure? https://learn.microsoft.com/en-us/aspnet/core/security/ip-safelist?view=aspnetcore-8.0
Client IP safelist for ASP.NET Core
Learn how to write middleware or action filters to validate remote IP addresses against a list of approved IP addresses.
13 Replies
Unknown User•11mo ago
Message Not Public
Sign In & Join Server To View
hm. so I would set up a private DNS? is that particularly complex?
Unknown User•11mo ago
Message Not Public
Sign In & Join Server To View
via IP is fine
Unknown User•11mo ago
Message Not Public
Sign In & Join Server To View
yeah that doesn't sound simple
i'll investigate other options
Unknown User•11mo ago
Message Not Public
Sign In & Join Server To View
i'd prefer https
Unknown User•11mo ago
Message Not Public
Sign In & Join Server To View
oh yeah, definitely just my pc
Unknown User•11mo ago
Message Not Public
Sign In & Join Server To View
I think. @Becquerel (ping on reply please)
- As both computers are on the same network, it is very easy. No need to configure router, etc.
- Just run asp.net core webapi as a service and open the required port via firewall setup and assign a static ip for the server. Don't use IP from DHCP because the server will get a random ip from a specified range of IPs.
- Apply authorization on the web api.
- If you need https, just create self-signed certificate for free.
- Done.
Unknown User•11mo ago
Message Not Public
Sign In & Join Server To View